English

Technical Guidance & Project Solution Offered

View All Products

Constant Improvement, Extraordinary Quality

View All Products

High Quality Products, Reasonable Prices And Satisfactory Service

View All Products

Cyber Insurers Clamp Down on Clients' Self-Attestations | Data Center Knowledge | News and analysis for the data center industry

2022-09-23 23:55:21 By : Mr. Jack Yang

Data Center Knowledge is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

A voided lawsuit from a cyber insurance carrier claiming its customer misled it on its insurance application could potentially pave the way to change how underwriters evaluate self-attestation claims on insurance applications.

The case — Travelers Property Casualty Company of America v. International Control Services Inc. (ICS) — hinged on ICS claiming it had multifactor authentication (MFA) in place when the electronics manufacturer applied for a policy. In May the company experienced a ransomware attack. Forensics investigators determined there was no MFA in place, so Travelers asserted it should not be liable for the claim. 

Related: Does Your Data Center Have Adequate Cyber Insurance?

The case (No. 22-cv-2145) was filed in the U.S. District Court for the Central District of Illinois on July 6. At the end of August, the litigants agreed to void the contract, ending ICS's efforts to have its insurer cover its losses.

This case was unusual in that Travelers maintained the misrepresentation "materially affected the acceptance of the risk and/or the hazard assumed by Travelers" in the court filing.

Taking a client to court is a departure from other similar cases where an insurance company simply denied the claim, but it is hardly unique, said Scott Godes, a partner at Barnes & Thornburg LLP, a Washington, D.C.-based law firm. 

"I have seen this issue bubbling up over the last few years. From my perspective, insurance carriers have made this a hard market — raising premiums and lowering limits — and that has emboldened them to choose the nuclear option by rescinding coverage," Godes says.

Security should be proactive, stopping possible breaches before they occur rather than simply responding to each successful attack, notes Sean O'Brien, visiting fellow at the Information Society Project at Yale Law School and the founder of Privacy Lab at Yale Law School.

View the full article on our sister site Dark Reading.

More information about text formats

Featured Products

News & Blog